Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-6429

CWE-119: Buffer Overflow | 5 documents | 5 sources
Severity
10.0 CRITICAL
EPSS
49.9%
top 2.18%
CISA KEV
Not in KEV
Exploit
PoC available
Affected products
Timeline
Published: Apr 4
Latest update: May 17

Description

Buffer overflow in the PrepareSync method in the SyncService.dll ActiveX control in Samsung Kies before 2.5.1.12123_2_7 allows remote attackers to execute arbitrary code via a long string to the password argument.

CVSS vector

AV:N/AC:L/C:C/I:C/A:C
Exploitability: 10.0 | Impact: 10.0

Affected Packages (1 package)

NVD: samsung/kies 2.5.0.12114_1

🔴 Vulnerability Details (2)

GHSA
GHSA-34mm-8gf5-xj36: Buffer overflow in the PrepareSync method in the SyncService (2022-05-17)
CVEList
CVE-2012-6429: Buffer overflow in the PrepareSync method in the SyncService (2014-04-04)

💥 Exploits & PoCs (1)

Exploit-DB
Samsung Kies - Remote Buffer Overflow (2013-01-09)

💬 Community (1)

Bugzilla
CVE-2012-6708 js-jquery: XSS via improper selector detection (2018-06-15)
CVE-2012-6429 (CRITICAL CVSS 10) | Buffer overflow in the PrepareSync | cvebase.io